tracee
System monitoring tool
A tool that uses eBPF to monitor system behavior and detect security threats
Linux Runtime Security and Forensics using eBPF
4k stars
53 watching
418 forks
Language: Go
last commit: 9 days ago
Linked from 2 awesome lists
bpfdockerebpfgolangkuberneteslinuxruntime-securitysecurity
zoidyzoidzoid/awesome-ebpf
jatrost/awesome-kubernetes-threat-detectionRelated projects:
| Repository | Description | Stars |
|---|---|---|
 cilium/tetragon | A real-time security monitoring system that detects and responds to sensitive events using eBPF-based sensors and enriched with kernel and Kubernetes metadata | 3,652 |
 alegrey91/harpoon | A tool that uses eBPF to capture and monitor system calls made by specific functions within a program | 90 |
| aquasecurity/kube-bench | Automated security auditing tool for Kubernetes clusters | 7,069 |
| aquasecurity/kube-hunter | Detects security weaknesses in Kubernetes clusters to increase awareness and visibility of potential vulnerabilities. | 4,763 |
| aquasecurity/trivy | Automatically scans software projects for vulnerabilities and misconfigurations to ensure security and compliance. | 23,679 |
 anchore/syft | Generates detailed visibility into software packages and dependencies to manage vulnerabilities and license compliance. | 6,248 |
| anchore/grype | A tool for detecting vulnerabilities in container images and filesystems | 8,812 |
 kubescape/kubescape | A comprehensive security platform for Kubernetes environments that integrates risk analysis, security, compliance, and misconfiguration scanning across the entire development and deployment lifecycle. | 10,232 |
| aquasecurity/libbpfgo | A Go library providing an interface to eBPF programs from userspace | 734 |
 genuinetools/bpfd | A framework for running BPF programs with rules on Linux as a daemon, allowing for flexible and container-aware tracing and filtering of system events. | 477 |
 zegl/kube-score | Analyzes Kubernetes object definitions for security and reliability issues and provides recommendations for improvement. | 2,788 |
 kxxt/tracexec | A utility for tracing execve{,at} and pre-exec behavior in programs. | 276 |
 owasp/nettacker | Automated tool for identifying vulnerabilities and gathering information about network services and systems. | 3,618 |
 linuxserver/docker-swag | A Docker container that sets up an Nginx webserver and reverse proxy with PHP support, including automated SSL certificate generation and renewal, as well as intrusion prevention. | 2,904 |
 open-telemetry/opentelemetry-ebpf-profiler | A Linux-based profiler that uses eBPF to profile system calls and CPU cycles in real-time, providing insights into application performance without requiring instrumentation or recompilation. | 2,463 |